infrahub-sdk 0.0.6 → 0.0.8

package/src/index.ts

@@ -4,9 +4,11 @@ export type SafeResult<T> =
   | { data: undefined; error: Error };
 
 import type { TypedDocumentNode } from '@graphql-typed-document-node/core';
+import https from 'https';
+import fetch from 'node-fetch';
 
-import createClient, { Middleware } from 'openapi-fetch';
-import { GraphQLClient, Variables } from 'graphql-request';
+import createClient from 'openapi-fetch';
+import { GraphQLClient, Variables, gql } from 'graphql-request';
 import type { paths } from './types';
 import { InfrahubBranchManager } from './branch';
 import {
@@ -21,10 +23,47 @@ export * from 'graphql-request';
 
 export * from './types';
 
+export interface TLSConfig {
+  /**
+   * If true, the server certificate is verified against the list of supplied CAs.
+   * Set to false to disable certificate verification (not recommended for production).
+   * 
+   * Note: Setting this to false will bypass all certificate validation, including
+   * expired certificates, self-signed certificates, and hostname mismatches.
+   */
+  rejectUnauthorized?: boolean;
+  /**
+   * Optional CA certificates to trust. Can be a string or Buffer containing the certificate(s).
+   * Use this when connecting to servers with custom or self-signed certificates.
+   */
+  ca?: string | Buffer | Array<string | Buffer>;
+  /**
+   * Optional client certificate for mutual TLS authentication.
+   */
+  cert?: string | Buffer;
+  /**
+   * Optional client private key for mutual TLS authentication.
+   */
+  key?: string | Buffer;
+}
+
 export interface InfrahubClientOptions {
   address: string;
   token?: string;
   branch?: string;
+  /**
+   * TLS/SSL configuration options for HTTPS connections.
+   * Use this to handle custom certificates, expired certificates, or disable certificate verification.
+   * 
+   * @example
+   * // Disable certificate verification (development only)
+   * { tls: { rejectUnauthorized: false } }
+   * 
+   * @example
+   * // Use custom CA certificate
+   * { tls: { ca: fs.readFileSync('/path/to/ca.pem') } }
+   */
+  tls?: TLSConfig;
 }
 
 const DEFAULT_BRANCH_NAME = 'main';
@@ -43,29 +82,63 @@ export class InfrahubClient {
     this.defaultBranch = options.branch || DEFAULT_BRANCH_NAME;
     this.branch = new InfrahubBranchManager(this);
 
-    // Initialize the openapi-fetch client
+    // Create custom fetch with TLS options if provided
+    let customFetch: typeof fetch = fetch;
+    if (options.tls) {
+      // Build agent options, ensuring rejectUnauthorized is explicitly set if provided
+      const agentOptions: https.AgentOptions = {};
+      
+      if (options.tls.rejectUnauthorized !== undefined) {
+        agentOptions.rejectUnauthorized = options.tls.rejectUnauthorized;
+      }
+      if (options.tls.ca !== undefined) {
+        agentOptions.ca = options.tls.ca;
+      }
+      if (options.tls.cert !== undefined) {
+        agentOptions.cert = options.tls.cert;
+      }
+      if (options.tls.key !== undefined) {
+        agentOptions.key = options.tls.key;
+      }
+
+      const httpsAgent = new https.Agent(agentOptions);
+      
+      customFetch = ((
+        url: Parameters<typeof fetch>[0],
+        opts: Parameters<typeof fetch>[1] = {}
+      ) => {
+        // Ensure agent is passed for HTTPS URLs
+        // node-fetch v2 requires the agent to be explicitly set
+        const fetchOptions = { ...opts, agent: httpsAgent };
+        return fetch(url, fetchOptions);
+      }) as typeof fetch;
+    }
 
+    // Initialize the openapi-fetch client with TLS configuration
     this.rest = createClient<paths>({
-      baseUrl: this.baseUrl
+      baseUrl: this.baseUrl,
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      fetch: customFetch as any
     });
 
-    const token = this.token;
-    const myMiddleware: Middleware = {
-      async onRequest({ request }) {
-        // set "X-INFRAHUB-KEY" header if token is present
-        if (token) {
-          request.headers.set('X-INFRAHUB-KEY', token);
+    // Use middleware to dynamically add the auth token to every REST request.
+    this.rest.use({
+      onRequest: (req) => {
+        req.headers.set('content-type', 'application/json');
+        if (this.token) {
+          req.headers.set('X-INFRAHUB-KEY', this.token);
         }
-        request.headers.set('content-type', 'application/json');
-        return request;
-      },
-    };
-
-    this.rest.use(myMiddleware);
+        return req;
+      }
+    });
 
     // Initialize the GraphQL client with the default branch endpoint
     this.graphqlClient = new GraphQLClient(
-      this._graphqlUrl(this.defaultBranch)
+      this._graphqlUrl(this.defaultBranch),
+      {
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        fetch: customFetch as any
+      }
     );
     this.graphqlClient.setHeaders({
       'Content-Type': 'application/json'
@@ -148,6 +221,50 @@ export class InfrahubClient {
       });
       return await (this.graphqlClient.request as any)(query, variables);
     } catch (error) {
+      // Check if this is a certificate error and provide helpful guidance
+      if (error instanceof Error) {
+        const errorMessage = error.message.toLowerCase();
+        const isCertError =
+          errorMessage.includes('certificate') ||
+          errorMessage.includes('cert') ||
+          errorMessage.includes('ssl') ||
+          errorMessage.includes('tls');
+        const isExpired = errorMessage.includes('expired');
+        const isSelfSigned = errorMessage.includes('self-signed') || errorMessage.includes('self signed');
+        const isUnauthorized = errorMessage.includes('unauthorized');
+
+        if (isCertError && (isExpired || isSelfSigned || isUnauthorized)) {
+          const helpMessage = [
+            '',
+            'Certificate validation failed. To resolve this issue, you can configure TLS options:',
+            '',
+            '1. Disable certificate verification (for development/testing only):',
+            '   const client = new InfrahubClient({',
+            '     address: "your-address",',
+            '     token: "your-token",',
+            '     tls: { rejectUnauthorized: false }',
+            '   });',
+            '',
+            '2. Or provide a custom CA certificate (requires: import fs from "fs"):',
+            '   const client = new InfrahubClient({',
+            '     address: "your-address",',
+            '     token: "your-token",',
+            '     tls: { ca: fs.readFileSync("/path/to/ca-cert.pem") }',
+            '   });',
+            '',
+            'See the README.md for more TLS configuration options.',
+            ''
+          ].join('\n');
+
+          console.error(helpMessage);
+          
+          // Create a new error with helpful message appended
+          const enhancedError = new Error(`${error.message}\n${helpMessage}`);
+          enhancedError.stack = error.stack;
+          throw enhancedError;
+        }
+      }
+      
       console.error('Error executing GraphQL query:', error);
       throw error;
     }

package/dist/cjs/index.js

@@ -1,65 +0,0 @@
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-
-// src/index.ts
-var index_exports = {};
-__export(index_exports, {
-  InfrahubClient: () => InfrahubClient
-});
-module.exports = __toCommonJS(index_exports);
-
-// src/client.ts
-var import_axios = __toESM(require("axios"), 1);
-var InfrahubClient = class {
-  constructor(baseURL, token) {
-    this.axiosInstance = import_axios.default.create({
-      baseURL,
-      headers: {
-        "Content-Type": "application/json"
-      }
-    });
-    if (token) {
-      this.setAuthToken(token);
-    }
-  }
-  setAuthToken(token) {
-    this.axiosInstance.defaults.headers.common["X-INFRAHUB-KEY"] = token;
-  }
-  // get info from /api/info endpoint
-  async getInfo() {
-    try {
-      const response = await this.axiosInstance.get("/api/info");
-      return response.data;
-    } catch (error) {
-      console.error("Error fetching info:", error);
-      throw error;
-    }
-  }
-};
-//# sourceMappingURL=index.js.map

package/dist/cjs/index.js.map

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../src/index.ts", "../../src/client.ts"],
-  "sourcesContent": ["export * from './client';", "import axios, { AxiosInstance } from 'axios';\n\nexport class InfrahubClient {\n    private axiosInstance: AxiosInstance;\n\n    constructor(baseURL: string, token?: string) {\n        this.axiosInstance = axios.create({\n            baseURL,\n            headers: {\n                'Content-Type': 'application/json',\n            }\n        });\n        if (token) {\n            this.setAuthToken(token);\n        }\n\n    }\n\n    public setAuthToken(token: string) {\n        this.axiosInstance.defaults.headers.common[\"X-INFRAHUB-KEY\"] = token;\n    }\n\n    // get info from /api/info endpoint\n    public async getInfo() {\n        try {\n            const response = await this.axiosInstance.get('/api/info');\n            return response.data;\n        } catch (error) {\n            console.error('Error fetching info:', error);\n            throw error;\n        }\n    }\n}"],
-  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,mBAAqC;AAE9B,IAAM,iBAAN,MAAqB;AAAA,EAGxB,YAAY,SAAiB,OAAgB;AACzC,SAAK,gBAAgB,aAAAA,QAAM,OAAO;AAAA,MAC9B;AAAA,MACA,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,IACJ,CAAC;AACD,QAAI,OAAO;AACP,WAAK,aAAa,KAAK;AAAA,IAC3B;AAAA,EAEJ;AAAA,EAEO,aAAa,OAAe;AAC/B,SAAK,cAAc,SAAS,QAAQ,OAAO,gBAAgB,IAAI;AAAA,EACnE;AAAA;AAAA,EAGA,MAAa,UAAU;AACnB,QAAI;AACA,YAAM,WAAW,MAAM,KAAK,cAAc,IAAI,WAAW;AACzD,aAAO,SAAS;AAAA,IACpB,SAAS,OAAO;AACZ,cAAQ,MAAM,wBAAwB,KAAK;AAC3C,YAAM;AAAA,IACV;AAAA,EACJ;AACJ;",
-  "names": ["axios"]
-}

package/dist/client.d.ts

@@ -1,6 +0,0 @@
-export declare class InfrahubClient {
-    private axiosInstance;
-    constructor(baseURL: string, token?: string);
-    setAuthToken(token: string): void;
-    getInfo(): Promise<any>;
-}

package/dist/client.js

@@ -1,35 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.InfrahubClient = void 0;
-const axios_1 = __importDefault(require("axios"));
-class InfrahubClient {
-    constructor(baseURL, token) {
-        this.axiosInstance = axios_1.default.create({
-            baseURL,
-            headers: {
-                'Content-Type': 'application/json',
-            }
-        });
-        if (token) {
-            this.setAuthToken(token);
-        }
-    }
-    setAuthToken(token) {
-        this.axiosInstance.defaults.headers.common["X-INFRAHUB-KEY"] = token;
-    }
-    // get info from /api/info endpoint
-    async getInfo() {
-        try {
-            const response = await this.axiosInstance.get('/api/info');
-            return response.data;
-        }
-        catch (error) {
-            console.error('Error fetching info:', error);
-            throw error;
-        }
-    }
-}
-exports.InfrahubClient = InfrahubClient;

package/dist/constants.js

@@ -1 +0,0 @@
-"use strict";

package/dist/esm/index.js

@@ -1,32 +0,0 @@
-// src/client.ts
-import axios from "axios";
-var InfrahubClient = class {
-  constructor(baseURL, token) {
-    this.axiosInstance = axios.create({
-      baseURL,
-      headers: {
-        "Content-Type": "application/json"
-      }
-    });
-    if (token) {
-      this.setAuthToken(token);
-    }
-  }
-  setAuthToken(token) {
-    this.axiosInstance.defaults.headers.common["X-INFRAHUB-KEY"] = token;
-  }
-  // get info from /api/info endpoint
-  async getInfo() {
-    try {
-      const response = await this.axiosInstance.get("/api/info");
-      return response.data;
-    } catch (error) {
-      console.error("Error fetching info:", error);
-      throw error;
-    }
-  }
-};
-export {
-  InfrahubClient
-};
-//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../src/client.ts"],
-  "sourcesContent": ["import axios, { AxiosInstance } from 'axios';\n\nexport class InfrahubClient {\n    private axiosInstance: AxiosInstance;\n\n    constructor(baseURL: string, token?: string) {\n        this.axiosInstance = axios.create({\n            baseURL,\n            headers: {\n                'Content-Type': 'application/json',\n            }\n        });\n        if (token) {\n            this.setAuthToken(token);\n        }\n\n    }\n\n    public setAuthToken(token: string) {\n        this.axiosInstance.defaults.headers.common[\"X-INFRAHUB-KEY\"] = token;\n    }\n\n    // get info from /api/info endpoint\n    public async getInfo() {\n        try {\n            const response = await this.axiosInstance.get('/api/info');\n            return response.data;\n        } catch (error) {\n            console.error('Error fetching info:', error);\n            throw error;\n        }\n    }\n}"],
-  "mappings": ";AAAA,OAAO,WAA8B;AAE9B,IAAM,iBAAN,MAAqB;AAAA,EAGxB,YAAY,SAAiB,OAAgB;AACzC,SAAK,gBAAgB,MAAM,OAAO;AAAA,MAC9B;AAAA,MACA,SAAS;AAAA,QACL,gBAAgB;AAAA,MACpB;AAAA,IACJ,CAAC;AACD,QAAI,OAAO;AACP,WAAK,aAAa,KAAK;AAAA,IAC3B;AAAA,EAEJ;AAAA,EAEO,aAAa,OAAe;AAC/B,SAAK,cAAc,SAAS,QAAQ,OAAO,gBAAgB,IAAI;AAAA,EACnE;AAAA;AAAA,EAGA,MAAa,UAAU;AACnB,QAAI;AACA,YAAM,WAAW,MAAM,KAAK,cAAc,IAAI,WAAW;AACzD,aAAO,SAAS;AAAA,IACpB,SAAS,OAAO;AACZ,cAAQ,MAAM,wBAAwB,KAAK;AAC3C,YAAM;AAAA,IACV;AAAA,EACJ;AACJ;",
-  "names": []
-}

package/dist/types/client.d.ts

@@ -1,7 +0,0 @@
-export declare class InfrahubClient {
-    private axiosInstance;
-    constructor(baseURL: string, token?: string);
-    setAuthToken(token: string): void;
-    getInfo(): Promise<any>;
-}
-//# sourceMappingURL=client.d.ts.map

package/dist/types/client.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAEA,qBAAa,cAAc;IACvB,OAAO,CAAC,aAAa,CAAgB;gBAEzB,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM;IAapC,YAAY,CAAC,KAAK,EAAE,MAAM;IAKpB,OAAO;CASvB"}

package/dist/types/constants.d.ts

@@ -1 +0,0 @@
-//# sourceMappingURL=constants.d.ts.map

package/dist/types/constants.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":""}

package/dist/types/index.d.ts

@@ -1,2 +0,0 @@
-export * from './client';
-//# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC"}

package/dist/types/utils/auth.d.ts

@@ -1 +0,0 @@
-//# sourceMappingURL=auth.d.ts.map

package/dist/types/utils/auth.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/utils/auth.ts"],"names":[],"mappings":""}

package/dist/types/utils/error-handling.d.ts

@@ -1 +0,0 @@
-//# sourceMappingURL=error-handling.d.ts.map

package/dist/types/utils/error-handling.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"error-handling.d.ts","sourceRoot":"","sources":["../../../src/utils/error-handling.ts"],"names":[],"mappings":""}

package/dist/types/utils/index.d.ts

@@ -1 +0,0 @@
-//# sourceMappingURL=index.d.ts.map

package/dist/types/utils/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/index.ts"],"names":[],"mappings":""}

package/dist/types/utils/validation.d.ts

@@ -1 +0,0 @@
-//# sourceMappingURL=validation.d.ts.map

package/dist/types/utils/validation.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../../src/utils/validation.ts"],"names":[],"mappings":""}

package/dist/utils/auth.js

@@ -1 +0,0 @@
-"use strict";

package/dist/utils/error-handling.js

@@ -1 +0,0 @@
-"use strict";

package/dist/utils/index.js

@@ -1 +0,0 @@
-"use strict";

package/dist/utils/validation.js

@@ -1 +0,0 @@
-"use strict";